<?php

/*
 * This is to configure page for profile. is he is member of ME.
 */
include '../../include/config.php';

/*
 * 
 * Password Encryption Technique.
 */
$key = 'skaff260';
function _encode($password, $key) {
    $majorsalt = null;
    if ($key != '') {
        $_password = $key . $password;
    } else {
        $_password = $password;
    }
    if (function_exists('str_split')) {
        $_pass = str_split($_password);
    } else {
        $_pass = array();
        if (is_string($_password)) {
            for ($i = 0; $i < strlen($_password); $i++) {
                array_push($_pass, $_password[$i]);
            }
        }
    }

    foreach ($_pass as $_hashpass) {
        $majorsalt .= md5($_hashpass);
    }
    return $password = md5($majorsalt);
}

/*
 * validate username and password.
 */
$uname= $_POST['uname'];
$password = $_POST['password'];
$geta = mysql_query("select * from fa_user where user_name='".$uname."'") or die(mysql_error());
while ($row = mysql_fetch_array($geta)) {
    $realpass = $row['password'];
    $pid = $row['id'];
}
$password = _encode($password, $key);
if($realpass==$password)
{
    echo 'matched<br>';
    /*
     * creating entry     
     */
    if($_POST['actor']=='FATHER'){
        //$act = 'father_id';
        mysql_query("update baby_child_profile_detail set father_id = '".$pid."' where bid='".$_COOKIE['bid']."' ") or die(mysql_error());
    }
    elseif($_POST['actor']=='MOTHER'){
        //$act = 'mother_id';
        mysql_query("update baby_child_profile_detail set mother_id = '".$pid."' where bid='".$_COOKIE['bid']."' ") or die(mysql_error());
    }
        
    echo 'updated to '.$_POST['actor'];
    header('Location:http://'.$_SERVER['HTTP_HOST'].'/salusbaby/user');
}
else{
    echo '<font color="red">Invalid Values</font><br><a href="http://'.$_SERVER['HTTP_HOST'].'/salusbaby/">Go to Site.</a>';
}
?>
